Re: Why is *splitting every word* is a shell security hole?

help-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why is splitting every word is a shell security hole?

From:	Greg Wooledge
Subject:	Re: Why is splitting every word is a shell security hole?
Date:	Wed, 21 Aug 2024 17:04:35 -0400

On Wed, Aug 21, 2024 at 20:57:46 +0200, alex xmb sw ratchev wrote:
> IFS+=h
> 
> nm , thxx
> 
> and you get to run it the next time the user uses `echo'.

VAR+=content is a bash extension, which would definitely not work in
the Bourne shells where splitting of literal words happened.

[Prev in Thread]

Current Thread

[Next in Thread]

Why is *splitting every word* is a shell security hole?, shynur ., 2024/08/19
- Re: Why is *splitting every word* is a shell security hole?, Emanuele Torre, 2024/08/19
  - Re: Why is *splitting every word* is a shell security hole?, G. Branden Robinson, 2024/08/19
- Re: Why is *splitting every word* is a shell security hole?, Chet Ramey, 2024/08/21
  - Re: Why is *splitting every word* is a shell security hole?, Greg Wooledge, 2024/08/21
  - Re: Why is *splitting every word* is a shell security hole?, alex xmb sw ratchev, 2024/08/21
    - Re: Why is *splitting every word* is a shell security hole?, Greg Wooledge <=
    - Re: Why is *splitting every word* is a shell security hole?, alex xmb sw ratchev, 2024/08/21

Prev by Date: Re: Build Issues - devel in MSYS2 MSYS
Next by Date: Re: Why is *splitting every word* is a shell security hole?
Previous by thread: Re: Why is *splitting every word* is a shell security hole?
Next by thread: Re: Why is *splitting every word* is a shell security hole?
Index(es):
- Date
- Thread